General

  • Target

    2024-06-13_899d2134a890c593a6990c5476c170ec_cryptolocker

  • Size

    73KB

  • Sample

    240613-b7nplszdpg

  • MD5

    899d2134a890c593a6990c5476c170ec

  • SHA1

    16256e4f674a57827669fa75aa081f6b0274dcac

  • SHA256

    34ed2f132f42407a72974e8f214eb44d60d98f8a83f751b3195db096642cb8d5

  • SHA512

    ff5df3991e47cd7e91e95f3e7c4acecfe7486a64e85651991c5255cebeb68c45adfc0778c17bc3b623bccc777b5ce57268db08728cc0f50631b8aca592f19780

  • SSDEEP

    1536:nj+4zs2cPVhlMOtEvwDpj4H8u8rZVTs973D:C4Q2c94OtEvwDpj4H8zS

Score
10/10
upx

Targets

    • Target

      2024-06-13_899d2134a890c593a6990c5476c170ec_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
